Login   Register  
PHP Classes
elePHPant
Icontem

File: dbum_class.inc

Recommend this page to a friend!
Stumble It! Stumble It! Bookmark in del.icio.us Bookmark in del.icio.us
  Classes of Steffen Stollfuß  >  dbum_class.inc  >  dbum_class.inc  >  Download  
File: dbum_class.inc
Role: Class source
Content type: text/plain
Description: DBUM Class File
Class: dbum_class.inc
DataBase User Managment class
Author: By
Last change: /* Bug fix Release */
While i using this class in my own scripts
i detected many bugs that i have fixed....

In future i will dev (with more experience) a php5 version with less bugs an errors :)))

cya Jointy
Date: 10 years ago
Size: 73,767 bytes
 

Contents

Class file image Download
<?php
/*******************************************************************************
 *                DataBase User Managment Class based on PEAR DB
 *
 *                              dbum_class.inc
 *                           --------------------
 *                           Begin: 17. July 2003
 *
 *            Author: Steffen Stollfu&szlig; <bestmischmaker@web.de>
 *
 *                          status: "search 4 a job"
 *
 *        $ Id: - dbum_class.inc - v.0.9.8.2 - 03-07-2004 10:47:14 $
 *******************************************************************************
 *
 *    - Change Log - begin v.0.8.4
 *
 *
 *  Date: 02.08.2003
 *  !!! v.0.8.4 beta coming public !!!
 *  - documentaion v.0.5.3
 *
 *  Date: 03.08.2003
 *  - fix a bug in load_session() with cookie_params !!!
 *
 *  Date: 21.08.2003
 *  - the function "change email" did not set new activ_id in database,
 *    so the activation goes failed
 *
 *  Date: 27.08.2003
 *  - constructor changes ( now only 2 parameters needed )
 *   ( $dbum = new DBUM($db , $debug); )
 *  - doc v.0.9.2
 *
 *
 *  Date: 28.08.2003
 *  !!! Experimental !!! - now max_len constans variable, have a look at doc how you use it !!! Experimental !!!
 *  - max_failed_logins = 98 // that the maximum or "0" for deactivted (default = "5")
 *    have a look at the documentation
 *
 *  - new function (install_tables( $options ))
 *
 *  Date: 29.08.2003
 *  - v.0.9.6 public comming out !!!
 *  - doc v.0.9.5 public comming out !!!

 *  Date: 31.08.2003
 *  - v.0.9.7 public out
 *  - fixed a bug in is_numeric_array(), it will not work in v.0.9.6
 *  - if you use the class please update, thx

 * Date 23.06.2004
 * - v.0.9.6.1 while using some new bugs occured, this i have fixed now
 *
 *
 * Date: 03.07.2004
 * - v.0.9.8.2 new function added "forgot_password($email)"
 * - and some bugs fixed
 */
// SQL Tables
if( !defined("DBUM_USERS_TABLE") ) define("DBUM_USERS_TABLE" , "dbum_users");
if( !defined("DBUM_SESSION_TABLE") ) define("DBUM_SESSION_TABLE" , "dbum_sessions" );
if( !defined("DBUM_GROUPS_TABLE") ) define("DBUM_GROUPS_TABLE" , "dbum_groups" );



// Error Constans
define("DBUM_HACKER_ATTEMPT" , 1000 );
define("DBUM_INPUT_ERROR" , 1001 );
define("DBUM_SQL_ERROR" , 1002 );
define("DBUM_LOGIN_FAILED" , 1003 );
define("DBUM_USER_NOT_ACTIVATED" , 1004 );
define("DBUM_USER_EXISTS" , 1005 );
define("DBUM_CREATE_USER_FAILED" , 1006 );
define("DBUM_SESSION_START_FAILED" , 1007 );
define("DBUM_USER_LOCKED" , 1008 );
define("DBUM_INSERT_SESSION_FAILED" , 1009 );
define("DBUM_UPDATE_SESSION_FAILED" , 1010 );
define("DBUM_MAX_FAILED_LOGINS_REACHED" , 1011 );
define("DBUM_GROUP_NOT_ACTIVATED" , 1012 );
define("DBUM_GROUP_NOT_EXISTS" , 1013 );
define("DBUM_NOT_LOGGED" , 1014 );
define("DBUM_LOGIN_TIMEOUT_REACHED" , 1015 );
define("DBUM_UNLOCK_USER_FAILED" , 1016 );
define("DBUM_ACTIVATED_USER_FAILED" , 1017 );
define("DBUM_USER_NOT_EXISTS" , 1018 );
define("DBUM_CHANGE_PASSWORD_FAILED", 1019 );
define("DBUM_CHANGE_EMAIL_FAILED" , 1020 );
define("DBUM_ACCESS_DENIED" , 1021 );
define("DBUM_GROUP_EXISTS" , 1022 );
define("DBUM_USER_DELETE_FAILED" , 1023 );
define("DBUM_GROUP_DELETE_FAILED" , 1024 );
define("DBUM_GROUP_ACTIVATE_FAILED" , 1025 );
define("DBUM_GROUP_DEACTIVATE_FAILED" , 1026 );
define("DBUM_EDIT_USER_FAILED" , 1027 );
define("DBUM_GROUP_EDIT_FAILED" , 1028 );
define("DBUM_ACTION_FAILED" , 1029 );
define("DBUM_EMAIL_EXISTS" , 1030 );
define("DBUM_FORGOT_PASSWORD_FAILED" , 1031);
define("DBUM_INSTALL_ERROR" , 1032 );

if(!defined("DBUM_MAX_FAILED_LOGINS") ) define("DBUM_MAX_FAILED_LOGINS" , 5 ); // !!! max 98 !!!
// this will use if no timeout set when user will created
define("DBUM_DEFAULT_USER_TIMEOUT" , 60); // mins

// Input Constans
if(!defined("DBUM_MAX_USERNAME_LEN") ) define("DBUM_MAX_USERNAME_LEN" , 20 );
if(!defined("DBUM_MAX_PASSWORD_LEN") ) define("DBUM_MAX_PASSWORD_LEN" , 35 );
if(!defined("DBUM_FIRST_NAME_MAX_LEN") ) define("DBUM_FIRST_NAME_MAX_LEN" , 50 );
if(!defined("DBUM_LAST_NAME_MAX_LEN") ) define("DBUM_LAST_NAME_MAX_LEN" , 75 );
if(!defined("DBUM_STREET_MAX_LEN") ) define("DBUM_STREET_MAX_LEN" , 255 );
if(!defined("DBUM_HOMETOWN_MAX_LEN") ) define("DBUM_HOMETOWN_MAX_LEN" , 100 );
if(!defined("DBUM_POSTCODE_MAX_LEN") ) define("DBUM_POSTCODE_MAX_LEN" , 10 );
if(!defined("DBUM_EMAIL_MAX_LEN") ) define("DBUM_EMAIL_MAX_LEN" , 200 );
if(!defined("DBUM_TELEPHONE_MAX_LEN") ) define("DBUM_TELEPHONE_MAX_LEN" , 50 );
if(!defined("DBUM_FAX_MAX_LEN") ) define("DBUM_FAX_MAX_LEN" , 50 );
if(!defined("DBUM_MOBIL_MAX_LEN") ) define("DBUM_MOBIL_MAX_LEN" , 25 );
if(!defined("DBUM_SIGNATURE_MAX_LEN") ) define("DBUM_SIGNATURE_MAX_LEN" , 65535 );
if(!defined("DBUM_ICQ_MAX_LEN") ) define("DBUM_ICQ_MAX_LEN" , 20 );
if(!defined("DBUM_MSN_MAX_LEN") ) define("DBUM_MSN_MAX_LEN" , 255 );
if(!defined("DBUM_AIM_MAX_LEN") ) define("DBUM_AIM_MAX_LEN" , 255 );
define("DBUM_TIMEOUT_MAX_LEN" , 4 );

if(!defined("DBUM_GROUP_NAME_MAX_LEN") ) define("DBUM_GROUP_NAME_MAX_LEN" , 100 );
if(!defined("DBUM_GROUP_DESC_MAX_LEN") ) define("DBUM_GROUP_DESC_MAX_LEN" , 255 );
if(!defined("DBUM_GROUP_LEVEL_MAX_LEN") ) define("DBUM_GROUP_LEVEL_MAX_LEN" , 3 );


// Class DataBase User Managment !!!!
class dbum
{
    // Error Vars
    var $err_code;
    var $err_title;
    var $err_msg;
    var $err_line;
    var $err_file;
    var $query;


    var $debug;
    var $result;
    var $db;
    var $unlock = array();

    /*
    // Some Tests
    var $query_num = 0;
    var $queries = array();
    */

    // Constructor
    function dbum( &$db , $debug = FALSE )
    {
        $this->debug = $debug;
        $this->db = $db;

    }

    function login( $username , $password )
    {
        ////////////////////////////////////////////////////////////////////////
        // Check are Input data correct !
        if( !$this->_valid_data( array( "username" => $username , "password" => $password ) ) )
        {
            return FALSE;
        }
        ////////////////////////////////////////////////////////////////////////
        // Select "user_id , group_id , activated , locked , failed_logins , created , password , first_name , last_name , email"

        $this->query = '';
        $this->query = 'SELECT user_id , group_id , activated , locked , failed_logins , created , password , first_name , last_name , email
                        FROM '. DBUM_USERS_TABLE .'
                        WHERE
                        LOWER(username) = \''. strtolower($username)  .'\'';

        $this->result = $this->db->query( $this->query );

        if( DB::isError( $this->result ) )
        {
            return $this->message_return( DBUM_SQL_ERROR , "" , "" , __LINE__ , __FILE__ );
        }
        $this->query = '';


        ////////////////////////////////////////////////////////////////////////
        // Check is a Dataset founded !
        if( !$row = $this->result->fetchRow( DB_FETCHMODE_ASSOC ) )
        {
            $this->result->free();
            return $this->message_return( DBUM_LOGIN_FAILED , "Login" , "Login goes failed", __LINE__ , __FILE__ );
        }
        $this->result->free();

        ////////////////////////////////////////////////////////////////////////
        // Check are failed_logins != DBUM_MAX_FAILED_LOGINS
        if( DBUM_MAX_FAILED_LOGINS != 0 )
        {
            if( $row["failed_logins"] == DBUM_MAX_FAILED_LOGINS )
            {
                if( !$this->lock_user( $username ) )
                {
                    return FALSE;
                }
                return $this->message_return( DBUM_MAX_FAILED_LOGINS_REACHED , "Login" , "Your account was locked now, because too many failed logins", __LINE__ , __FILE__ );
            }
        }

        ////////////////////////////////////////////////////////////////////////
        // Check is User locked !!!
        if( $row["locked"] != 0)
        {
            return $this->message_return( DBUM_USER_LOCKED , "Login" , "Your account is locked", __LINE__ , __FILE__ );
        }

        ////////////////////////////////////////////////////////////////////////
        // Check is Password valid, else set failed_login + 1 and return DBUM_LOGIN_FAILED
        if( $row["password"] != sha1( $password ) )
        {

            $this->query = "UPDATE ". DBUM_USERS_TABLE ."
                            SET
                            failed_logins = '". ($row["failed_logins"] + 1) ."'
                            WHERE
                            LOWER(username) = '". strtolower($username) ."'
                            LIMIT 1";

            $this->result = $this->db->query( $this->query );

            if( DB::isError( $this->result ) )
            {
                return $this->message_return( DBUM_SQL_ERROR , "" , "", __LINE__ , __FILE__ );
            }
            $this->query = '';

            return $this->message_return( DBUM_LOGIN_FAILED , "Login" , "Login goes failed", __LINE__ , __FILE__ );
        }

        ////////////////////////////////////////////////////////////////////////
        // Check is User activated !
        if( $row["activated"] != 1)
        {
            return $this->message_return( DBUM_USER_NOT_ACTIVATED , "Login" , "Your account is not activated", __LINE__ , __FILE__ );
        }

        ////////////////////////////////////////////////////////////////////////
        // set output user vars
        $output = array( "username" => $username ,
                         "password" => $password ,
                         "user_id" => $row["user_id"] ,
                         "group_id" => $row["group_id"] ,
                         "first_name" => $row["first_name"] ,
                         "last_name" => $row["last_name"] ,
                         "email" => $row["email"] ,
                         "created" => $row["created"]
                        );

        if( $row["failed_logins"] > DBUM_MAX_FAILED_LOGINS )
        {
            $output["failed_logins"] = $row["failed_logins"] - 1;
        }
        else
        {
            $output["failed_logins"] = $row["failed_logins"];
        }

        unset( $row );

        ////////////////////////////////////////////////////////////////////////


        ////////////////////////////////////////////////////////////////////////
        // Check Group Setting
        $this->query = 'SELECT group_name , group_desc , activated
                        FROM '. DBUM_GROUPS_TABLE .'
                        WHERE group_id = \''. $output["group_id"] .'\'';
        $this->result = $this->db->query( $this->query );

        if( DB::isError( $this->result ) )
        {
            return $this->message_return( DBUM_SQL_ERROR , "" , "" , __LINE__ , __FILE__ );
        }
        $this->query = '';
        if( !$row = $this->result->fetchRow( DB_FETCHMODE_ASSOC ) )
        {
            $this->result->free();
            return $this->message_return( DBUM_GROUP_NOT_EXISTS , "Login" , "Given group_id does not exists", __LINE__ , __FILE__);
        }
        $this->result->free();
        ////////////////////////////////////////////////////////////////////////
        // Check is Group activated
        if( $row["activated"] != 1 )
        {
            return $this->message_return( DBUM_GROUP_NOT_ACTIVATED , "Login" , "Your group is not activated", __LINE__ , __FILE__);
        }

        ////////////////////////////////////////////////////////////////////////
        // Set output group vars
        $output["group_name"] = $row["group_name"];
        $output["group_desc"] = $row["group_desc"];
        ////////////////////////////////////////////////////////////////////////
        // Set Users last action timestamp
        $output["last_action"] = $this->_timestamp();
        unset( $row );
        ////////////////////////////////////////////////////////////////////////
        // Update Session Data Section
        $this->query = "UPDATE ". DBUM_SESSION_TABLE ." SET
                        user_id = '". $output["user_id"] ."',
                        last_action = '". $output["last_action"] ."'
                        WHERE
                        session_id = '". session_id() ."'
                        LIMIT 1";


        $this->result = $this->db->query( $this->query );

        if( DB::isError( $this->result ) )
        {
            return $this->message_return( DBUM_SQL_ERROR , "" , "" , __LINE__ , __FILE__ );
        }
        $this->query = "";
        if( $this->db->affectedRows( $this->result ) != 1 )
        {
            return $this->message_return( DBUM_UPDATE_SESSION_FAILED , "DB_Handling" , "Something goes wrong, while updating session data" , __LINE__ , __FILE__ );
        }

        ////////////////////////////////////////////////////////////////////////
        // Updating USERS Table !!!
        $this->query = "UPDATE ". DBUM_USERS_TABLE ." SET
                        session_id = '". session_id() ."',
                        failed_logins = '0'
                        WHERE
                        user_id = '". $output["user_id"] ."'
                        LIMIT 1";
        $this->result = $this->db->query( $this->query );

        if( DB::isError( $this->result ) )
        {
            return $this->message_return( DBUM_SQL_ERROR , "" , "" , __LINE__ , __FILE__ );
        }
        $this->query = '';
        if( $this->db->affectedRows( $this->result ) != 1 )
        {
            return $this->message_return( DBUM_UPDATE_SESSION_FAILED , "DB_Handling" , "Something goes wrong, while updating user data" , __LINE__ , __FILE__ );
        }

        ////////////////////////////////////////////////////////////////////////
        // Return
        return $output;

    }

    /***************************************************************************
     * - check is given session_id logged for a user
     * - if timeout set the function will return DBUM_LOGIN_TIMEOUT_REACHED, when reached
     * - if timeout reached function will logout user/session and destroy session !!!
     **************************************************************************/
    function is_login( $session_id = NULL )
    {
        if( is_null($session_id) )
        {
            $session_id = session_id();
        }
        $this->query = "";
        $this->query = "SELECT s.last_action , u.timeout
                        FROM ". DBUM_USERS_TABLE ." u, ". DBUM_SESSION_TABLE ." s
                        WHERE
                        u.session_id = '". $session_id ."'
                        AND
                        s.session_id = '". $session_id ."'
                        AND
                        s.user_id = u.user_id";
        $this->result = $this->db->query( $this->query );

        if( DB::isError( $this->result ) )
        {
            return $this->message_return( DBUM_SQL_ERROR , "" , "" , __LINE__ , __FILE__ );
        }
        $this->query = '';

        if( !$row = $this->result->fetchRow( DB_FETCHMODE_ASSOC ) )
        {
            $this->result->free();
            return $this->message_return( DBUM_NOT_LOGGED , "Login" , "You are not logged" );
        }
        $this->result->free();
        // Timeout min -> sec
        if( $row["timeout"] > "0" )
        {
            $timeout_sec = $row["timeout"] * 60;

            $timeout_diff = $this->_timestamp() - $row["last_action"];
            if( $timeout_diff > $timeout_sec )
            {
                if( !$this->logout( $session_id ) )
                {
                    return FALSE;
                }
                $this->destroy_session( $session_id );

                return $this->message_return( DBUM_LOGIN_TIMEOUT_REACHED , "Login" , "Login timeout reached" , __LINE__ , __FILE__ );
            }
        }
        return TRUE;
    }

    /***************************************************************************
     * - set "session_stop" , "last_action" and "user_id" = ''
     **************************************************************************/
    function logout( $session_id = NULL )
    {
        if( is_null( $session_id ) )
        {
            $session_id = session_id();
        }
        $this->query = "";
        $this->query = "UPDATE ". DBUM_SESSION_TABLE ." SET
                       session_stop = '". $this->_datetime() ."',
                       last_action = '". $this->_timestamp() ."',
                       user_id = ''
                       WHERE
                       session_id = '". $session_id ."'
                       LIMIT 1";

        $this->result = $this->db->query( $this->query );
        if( DB::isError( $this->result ) )
        {
            return $this->message_return( DBUM_SQL_ERROR , "" , "" , __LINE__ , __FILE__ );
        }
        $this->query = '';
        if( $this->db->affectedRows( $this->result ) != 1 )
        {
            return $this->message_return( DBUM_UPDATE_SESSION_FAILED , "DB_Handling" , "Something goes wrong, could not updating session data", __LINE__ , __FILE__ );
        }
        return TRUE;
    }

    /***************************************************************************
     * - user must be logged , befor you can use this function !!!
     * -
     **************************************************************************/

    function is_authorized( $need_level )
    {
        $this->query = "";
        $this->query = "SELECT g.level FROM ". DBUM_USERS_TABLE ." u, ". DBUM_GROUPS_TABLE ." g
                        WHERE
                        u.session_id = '". @session_id() ."'
                        AND
                        g.group_id = u.group_id";

        $this->result = $this->db->query( $this->query );

        if( DB::isError( $this->result ) )
        {
            return $this->message_return( DBUM_SQL_ERROR , "" , "" , __LINE__ , __FILE__ );
        }
        $this->query = '';

        if( !$row = $this->result->fetchRow( DB_FETCHMODE_ASSOC ) )
        {
            $this->result->free();
            return $this->message_return( DBUM_ACCESS_DENIED , "Access Denied" , "You cannot access to this site" );
        }
        $this->result->free();
        if( $row["level"] > $need_level )
        {
            return $this->message_return( DBUM_ACCESS_DENIED , "Access Denied" , "You cannot access to this site" );
        }
        return TRUE;
    }

    /***************************************************************************
     * - set last_action field in dbum session table
     * -
     **************************************************************************/
    function action( $session_id = NULL )
    {
        if( is_null( $session_id ) )
        {
            $session_id = @session_id();
        }
        else
        {
            if( !$this->_valid_data( array("session_id" => $session_id) ) )
            {
                return FALSE;
            }
        }
        $this->query = "";
        $this->query = "UPDATE ". DBUM_SESSION_TABLE ." SET
                        last_action = '". $this->_timestamp() ."'
                        WHERE
                        session_id = '". $session_id ."'";
        $this->result = $this->db->query( $this->query );
        if( DB::isError( $this->result ) )
        {
            return $this->message_return( DBUM_SQL_ERROR , "" ,"" ,__LINE__ , __FILE__ );
        }
        $this->query = '';
        if( $this->db->affectedRows( $this->result ) != 1 )
        {
            return $this->message_return( DBUM_ACTION_FAILED , "Action" , "Something goes wrong, while do action" , __LINE__ , __FILE__ );
        }
        return TRUE;
    }


    /*
     * check is given email address valid
     * try to get an username for this email
     * changed the pass to a new one
     * return the new password
     */
    function forgot_password( $email )
    {
        if( !$this->_valid_data( array("email"=>$email) ) ) return FALSE;

        // Check is user already exists !!!
        $this->query = "";
        $this->query = "SELECT username FROM ". DBUM_USERS_TABLE ." WHERE email = '".$email."'";

        $this->result = $this->db->query( $this->query );
        if( DB::isError( $this->result ) )
        {
            return $this->message_return( DBUM_SQL_ERROR , "" , "" , __LINE__ , __FILE__ );
        }
        $this->query = "";

        if( !$row = $this->result->fetchRow( DB_FETCHMODE_ASSOC ) )
        {
            $this->result->free();
            return $this->message_return( DBUM_FORGOT_PASSWORD_FAILED , "No Username found" , "Cant find any username for this email address ".$email , __LINE__ , __FILE__ );
        }
        $this->result->free();
        // Genereate a new password
        $new_pass = substr($this->_generate_id($row["username"]),0,rand(6,12));

        // Set this new password in USERS Table
        $this->query = "UPDATE ". DBUM_USERS_TABLE ." SET
        		       password = '". sha1( $new_pass ) ."'
                        WHERE email = '".$email."'";

        $this->result = $this->db->query( $this->query );
        if( DB::isError( $this->result ) )
        {
            return $this->message_return( DBUM_SQL_ERROR , "" , "" , __LINE__ , __FILE__ );
        }
        $this->query = "";

        if( $this->db->affectedRows( $this->result ) != 1 )
        {
            return $this->message_return( DBUM_FORGOT_PASSWORD_FAILED , "Forgot Password" , "Something goes wrong, while changing your password" , __LINE__ , __FILE__ );
        }

        return $new_pass;
    }

    /***************************************************************************
     * - check if all input data are valid !!!
     * - check is User already exists !!!
     * - generate a activation id that will return if all right
     * - create user
     **************************************************************************/
    function create_user( $user )
    {
        // Check are all input data valid !!!
        if( !$this->_valid_data( $user ) )
        {
            return FALSE;
        }

        // Check is Username already exists !!!
        if( !$this->_user_not_exists( $user["username"] ) )
        {
            return FALSE;
        }
        // check is email address already store !!!
        if( !$this->_email_not_exists( $user["email"] ) )
        {
            return FALSE;
        }

        // Generate Activation ID !!!
        $user["session_id"] = $this->_generate_id( $user["username"] );
        ////////////////////////////////////////////////////////////////////////
        // DB Handling
        $this->query = '';
        $this->query = 'INSERT INTO '. DBUM_USERS_TABLE .' VALUES (
                        \'\' ,
                        \''. $user["group_id"].'\' ,
                        \''. $user["session_id"] .'\' ,
                        \'0\',
                        \'0\',
                        \''. (( !isset($user["activated"]) ) ? FALSE : $user["activated"]) .'\',
                        \''. (( !isset($user["timeout"]) || empty($user["timeout"]) ) ? DBUM_DEFAULT_USER_TIMEOUT : $user["timeout"]) .'\',
                        \''. $this->_datetime() .'\',
                        \''. $user["username"] .'\' ,
                        \''. sha1($user["password"]) .'\' ,
                        \''. (( !isset($user["first_name"]) || empty($user["first_name"]) ) ? NULL : $user["first_name"]) .'\' ,
                        \''. (( !isset($user["last_name"]) || empty($user["last_name"]) ) ? NULL : $user["last_name"]) .'\' ,
                        \''. (( !isset($user["street"]) || empty($user["street"]) ) ? NULL : $user["street"]) .'\' ,
                        \''. (( !isset($user["postcode"]) || empty($user["postcode"]) ) ? NULL : $user["postcode"]) .'\' ,
                        \''. (( !isset($user["hometown"]) || empty($user["hometown"]) ) ? NULL : $user["hometown"]) .'\' ,
                        \''. $user["email"] .'\' ,
                        \''. (( !isset($user["website"]) || empty($user["website"]) ) ? NULL : $user["website"]) .'\' ,
                        \''. (( !isset($user["telephone"]) || empty($user["telephone"]) ) ? NULL : $user["telephone"]) .'\' ,
                        \''. (( !isset($user["fax"]) || empty($user["fax"]) ) ? NULL : $user["fax"]) .'\' ,
                        \''. (( !isset($user["mobil"]) || empty($user["mobil"]) ) ? NULL : $user["mobil"]) .'\' ,
                        \''. (( !isset($user["signature"]) || empty($user["signature"]) ) ? NULL : $user["signature"]) .'\' ,
                        \''. (( !isset($user["icq"]) || empty($user["icq"]) ) ? NULL : $user["icq"]) .'\' ,
                        \''. (( !isset($user["msn"]) || empty($user["msn"]) ) ? NULL : $user["msn"]) .'\' ,
                        \''. (( !isset($user["aim"]) || empty($user["aim"]) ) ? NULL : $user["aim"]) .'\' )';

        $this->result = $this->db->query( $this->query );
        if( DB::isError( $this->result ) )
        {
            return $this->message_return( DBUM_SQL_ERROR , "" , "" , __LINE__ , __FILE__ );
        }
        $this->query = '';
        if( $this->db->affectedRows( $this->result ) != 1 )
        {
            return $this->message_return( DBUM_CREATE_USER_FAILED , "DB_Handling" , "Something goes wrong, while create user" , __LINE__ , __FILE__ );
        }
        ////////////////////////////////////////////////////////////////////////
        // Return
        return $user["session_id"];
    }

    /***************************************************************************
     * - check input data
     * - activate user
     **************************************************************************/
    function activated_user( $username , $activ_id )
    {
        if( !$this->_valid_data( array("username" => $username , "unlock_id" => $activ_id) ) )
        {
            return FALSE;
        }
        $this->query = "";
        $this->query = "UPDATE ". DBUM_USERS_TABLE ." SET
                        activated = '1'
                        WHERE
                        username = '". $username ."'
                        AND
                        session_id = '". $activ_id ."'
                        LIMIT 1";

        $this->result = $this->db->query( $this->query );
        if( DB::isError( $this->result ) )
        {
            return $this->message_return( DBUM_SQL_ERROR , "" , "" , __LINE__ , __FILE__ );
        }
        if( $this->db->affectedRows( $this->result ) != 1 )
        {
            return $this->message_return( DBUM_ACTIVATED_USER_FAILED , "DB Handling" , "Something goes wrong, while activate your user account" , __LINE__ , __FILE__ );
        }
        return TRUE;
    }

    /***************************************************************************
     * set the unlock array
     * set in table users
     **************************************************************************/
    function lock_user( $username )
    {
        if( !$this->_valid_data( array("username" => $username) ) )
        {
            return FALSE;
        }
        $this->query = "";
        $this->query = "SELECT email FROM ". DBUM_USERS_TABLE ." WHERE username = '". $username ."'";
        $this->result = $this->db->query( $this->query );
        if( DB::isError( $this->result ) )
        {
            return $this->message_return( DBUM_SQL_ERROR , "" , "" , __LINE__ , __FILE__ );
        }
        $this->query = "";

        if( !$row = $this->result->fetchRow( DB_FETCHMODE_ASSOC ) )
        {
            return $this->message_return( DBUM_USER_NOT_EXISTS , "Lock User" , "User you try to lock does not exists" );
        }
        $this->result->free();
        // Created unlock_id and set it in session_id field
        $this->unlock["id"] = $this->_generate_id( $username );
        $this->unlock["username"] = $username;
        // $this->unlock["password"] = substr( $this->unlock["id"] , 9 , 18 );
        $this->unlock["email"] = $row["email"];

        unset( $row );

        $this->query = "UPDATE ". DBUM_USERS_TABLE ." SET
                        locked = '1' ,
                        failed_logins = '". (DBUM_MAX_FAILED_LOGINS + 1) ."' ,
                        session_id = '". $this->unlock["id"] ."' ".
                        // password = '". sha1( $this->unlock["password"] ) ."'
                        "WHERE
                        LOWER(username) = '". strtolower($username) ."'
                        LIMIT 1";

        $this->result = $this->db->query( $this->query );

        if( DB::isError( $this->result ) )
        {
            return $this->message_return( DBUM_SQL_ERROR , "" , "" , __LINE__ , __FILE__ );
        }
        $this->query = '';
        return TRUE;
    }
    /***************************************************************************
     * - set locked in DB "0" false !!!
     **************************************************************************/
    function unlock_user( $username , $unlock_id )
    {
        if( !$this->_valid_data( array( "username" => $username , "unlock_id" => $unlock_id ) ) )
        {
            return FALSE;
        }
        $this->query = "";
        $this->query = "UPDATE ". DBUM_USERS_TABLE ." SET
                        locked= '0'
                        WHERE
                        session_id = '". $unlock_id ."'
                        AND
                        LOWER(username) = '". strtolower($username) ."'
                        LIMIT 1";

        $this->result = $this->db->query( $this->query );
        if( DB::isError( $this->result ) )
        {
            return $this->message_return( DBUM_SQL_ERROR , "" , "" , __LINE__ , __FILE__ );
        }
        $this->query= '';
        if( $this->db->affectedRows( $this->result ) != 1 )
        {
            return $this->message_return( DBUM_UNLOCK_USER_FAILED , "Unlock_User" , "Something goes wrong, while unlock user" , __LINE__ , __FILE__ );
        }

        return TRUE;
    }

    /***************************************************************************
     * - check are all given string valid
     * - check is
     * - change password when old pwd is correct
     **************************************************************************/
    function change_password( $username , $old_pwd , $new_pwd , $re_new_pwd )
    {
        if( !$this->_valid_data( array( "username" => $username , "password" => array($old_pwd , $new_pwd , $re_new_pwd) ) ) )
        {
            return FALSE;
        }
        if( empty($new_pwd) || ($new_pwd != $re_new_pwd) )
        {
            return $this->message_return( DBUM_CHANGE_PASSWORD_FAILED , "Change Password" , "Your new 2 password strings are not the same or empty" , __LINE__ , __FILE__ );
        }

        $this->query = "";
        $this->query = "UPDATE ". DBUM_USERS_TABLE ." SET
                        password = '". sha1( $new_pwd ) ."'
                        WHERE
                        LOWER(username) = '". strtolower($username) ."'
                        AND
                        password = '". sha1( $old_pwd ) ."'
                        LIMIT 1";

        $this->result = $this->db->query( $this->query );
        if( DB::isError( $this->result ) )
        {
            return $this->message_return( DBUM_SQL_ERROR , "" , "" , __LINE__ , __FILE__ );
        }
        $this->query = '';
        if( $this->db->affectedRows( $this->result ) != 1 )
        {
            return $this->message_return( DBUM_CHANGE_PASSWORD_FAILED , "Change Password" , "Your old password was not correct" , __LINE__ , __FILE__ );
        }
        return TRUE;
    }

    /***************************************************************************
     * - check is new email format valid
     * - generate new activation_id and set it in db
     * - change email , if not exists because email field is "unique_id"
     *   and set activated = FALSE
     * - return activ_id
     **************************************************************************/
    function change_email( $username , $new_email )
    {
        if( !$this->_valid_data( array( "username" => $username , "email" => $new_email ) ) )
        {
            return FALSE;
        }

        $activ_id = $this->_generate_id( $username );

        $this->query = "";
        $this->query = "UPDATE ". DBUM_USERS_TABLE ." SET
                        email = '". $new_email ."' ,
                        session_id = '". $activ_id ."' ,
                        activated = '0'
                        WHERE
                        LOWER(username) = '". strtolower($username) ."'
                        LIMIT 1";

        $this->result = $this->db->query( $this->query );

        if( DB::isError( $this->result ) )
        {
            return $this->message_return( DBUM_SQL_ERROR , "" , "" , __LINE__ , __FILE__ );
        }
        $this->query = '';
        if( $this->db->affectedRows( $this->result ) != 1 )
        {
            return $this->message_return( DBUM_CHANGE_EMAIL_FAILED , "DB Handling" , "Something goes wrong, while changing your email" , __LINE__ , __FILE__ );
        }
        return $activ_id;
    }

    /***************************************************************************
     * - check all data !!!
     * - update User data in Database
     **************************************************************************/
    function edit_user( $user )
    {
        if( !$this->_valid_data($user) )
        {
            return FALSE;
        }

        $this->query = "";
        $this->query = "UPDATE ". DBUM_USERS_TABLE ." SET
                        timeout = '". ( (!isset($user["timeout"]) || empty($user["timeout"])) ? DBUM_DEFAULT_USER_TIMEOUT : $user["timeout"] ) ."',
                        first_name = '". ( (!isset($user["first_name"]) || empty($user["first_name"])) ? NULL : $user["first_name"] ) ."',
                        last_name = '". ( (!isset($user["last_name"]) || empty($user["last_name"])) ? NULL : $user["last_name"] ) ."',
                        street = '". ( (!isset($user["street"]) || empty($user["street"])) ? NULL : $user["street"] ) ."',
                        postcode = '". ( (!isset($user["postcode"]) || empty($user["postcode"])) ? NULL : $user["postcode"] ) ."',
                        hometown = '". ( (!isset($user["hometown"]) || empty($user["hometown"])) ? NULL : $user["hometown"] ) ."',
                        website = '". ( (!isset($user["website"]) || empty($user["website"])) ? NULL : $user["website"] ) ."',
                        telephone = '". ( (!isset($user["telephone"]) || empty($user["telephone"])) ? NULL : $user["telephone"] ) ."',
                        fax = '". ( (!isset($user["fax"]) || empty($user["fax"])) ? NULL : $user["fax"] ) ."',
                        mobil = '". ( (!isset($user["mobil"]) || empty($user["mobil"])) ? NULL : $user["mobil"] ) ."',
                        signature = '". ( (!isset($user["signature"]) || empty($user["signature"])) ? NULL : $user["signature"] ) ."',
                        icq = '". ( (!isset($user["icq"]) || empty($user["icq"])) ? NULL : $user["icq"] ) ."',
                        msn = '". ( (!isset($user["msn"]) || empty($user["msn"])) ? NULL : $user["msn"] ) ."',
                        aim = '". ( (!isset($user["aim"]) || empty($user["aim"])) ? NULL : $user["aim"] ) ."'
                        WHERE
                        LOWER(username) = '". strtolower($user["username"]) ."'
                        LIMIT 1";

        $this->result = $this->db->query( $this->query );
        if( DB::isError( $this->result ) )
        {
            return $this->message_return( DBUM_SQL_ERROR , "" , "" , __LINE__ , __FILE__ );
        }
        $this->query = '';
        if( $this->db->affectedRows( $this->result ) != 1 )
        {
            return $this->message_return( DBUM_EDIT_USER_FAILED , "DB Handling" , "Something goes wrong, while edit your user data" );
        }
        return TRUE;
    }

    /***************************************************************************
     * - check is user_id valid
     * - return all found able user data
     **************************************************************************/
    function return_user( $user_id )
    {
        if( !$this->_valid_data( array("icq" => $user_id) ) )
        {
            return FALSE;
        }

        $this->query = '';
        $this->query = 'SELECT * FROM '. DBUM_USERS_TABLE .' WHERE user_id = \''. $user_id .'\' LIMIT 1';
        $this->result = $this->db->query( $this->query );
        if( DB::isError( $this->result ) )
        {
            return $this->message_return( DBUM_SQL_ERROR , "" , "" , __LINE__ , __FILE__ );
        }
        $this->query = '';

        if( !$row = $this->result->fetchRow( DB_FETCHMODE_ASSOC ) )
        {
            return $this->message_return( DBUM_USER_NOT_EXISTS , "User" , "User doesnot exists" );
        }
        $this->result->free();

        // Remove the password field
        unset($row["password"]);
        return $row;
    }

    /***************************************************************************
     * - check are given username valid
     * - delete all data for given username
     **************************************************************************/
    function delete_user( $username )
    {
        if( !$this->_valid_data( array("username" => $username) ) )
        {
            return FALSE;
        }

        $this->query = '';
        $this->query = 'DELETE FROM '. DBUM_USERS_TABLE .' WHERE LOWER(username) = \''. strtolower($username) .'\' LIMIT 1';

        $this->result = $this->db->query( $this->query );

        if( DB::isError( $this->result ) )
        {
            return $this->message_return( DBUM_SQL_ERROR , "" , "" , __LINE__ , __FILE__ );
        }
        $this->query = '';
        if( $this->db->affectedRows( $this->result ) )
        {
            return $this->message_return( DBUM_USER_DELETE_FAILED , "DB Handling" , "Something goes wrong, while delete user" , __LINE__ , __FILE__ );
        }
        return TRUE;
    }

    /***************************************************************************
     * - check are given datas correct
     * - check is group already exists
     * - create group
     **************************************************************************/
    function create_group( $group )
    {
        if( !$this->_valid_data( $group ) )
        {
            return FALSE;
        }
        // Check is group already exists
        if( !$this->_group_not_exists( $group["group_name"] ) )
        {
            return FALSE;
        }
        if( !isset($group["level"]) || $group["level"] == '' )
        {
            $group["level"] = 999;
        }
        $this->query = '';
        $this->query = 'INSERT INTO '. DBUM_GROUPS_TABLE .' VALUES (
                        \'\',
                        \''. $group["group_name"] .'\',
                        \''. $group_desc["group_desc"] .'\',
                        \''. $group["activated"] .'\',
                        \''. $group["level"] .'\' )';

        $this->result = $this->db->query( $this->query );
        if( DB::isError( $this->result ) )
        {
            return $this->message_return( DBUM_SQL_ERROR , "" , "" , __LINE__ , __FILE__ );
        }
        $this->query = '';
        if( $this->db->affectedRows( $this->result ) != 1 )
        {
            return $this->message_return( DBUM_CREATE_GROUP_FAILED , "DB Handling" , "Something goes wrong, while created group" , __LINE__ , __FILE__ );
        }
        return TRUE;
    }

    /***************************************************************************
     * - check is given group name valid
     * - activate group if exists
     **************************************************************************/
    function activate_group( $group_name )
    {
        if( !$this->_valid_data( array( "group_name" => $group_name ) ) )
        {
            return FALSE;
        }
        $this->query = "";
        $this->query = "UPDATE ". DBUM_GROUPS_TABLE ." SET
                        activated = '1',
                        WHERE
                        LOWER(group_name) = '". strtolower($group_name) ."'
                        LIMIT 1";

        $this->result = $this->db->query( $this->query );
        if( DB::isError( $this->result ) )
        {
            return $this->message_return( DBUM_SQL_ERROR , "" , "" , __LINE__ , __FILE__ );
        }
        $this->query = '';
        if( $this->db->affectedRows( $this->result ) != 1 )
        {
            return $this->message_return( DBUM_GROUP_ACTIVATE_FAILED , "Activate Group" , "Something goes wrong, while activate group" , __LINE__ , __FILE__ );
        }

        return TRUE;
    }

    /***************************************************************************
     * - check is group_name valid
     * - deactivate group if exists
     **************************************************************************/
    function deactivate_group( $group_name )
    {
        if( !$this->_valid_data( array( "group_name" => $group_name ) ) )
        {
            return FALSE;
        }
        $this->query = "";
        $this->query = "UPDATE ". DBUM_GROUPS_TABLE ." SET
                        activated = '0',
                        WHERE
                        LOWER(group_name) = '". strtolower($group_name) ."'
                        LIMIT 1";

        $this->result = $this->db->query( $this->query );
        if( DB::isError( $this->result ) )
        {
            return $this->message_return( DBUM_SQL_ERROR , "" , "" , __LINE__ , __FILE__ );
        }
        $this->query = '';
        if( $this->db->affectedRows( $this->result ) != 1 )
        {
            return $this->message_return( DBUM_GROUP_DEACTIVATE_FAILED , "Deactivate Group" , "Something goes wrong, while deactivate group" , __LINE__ , __FILE__ );
        }

        return TRUE;
    }

    /***************************************************************************
     * - if you not set level it will set to default "999"
     **************************************************************************/
    function edit_group( $group )
    {
        if( !$this->_valid_data( $group ) )
        {
            return FALSE;
        }

        if( !isset($group["level"]) || $group["level"] == '' )
        {
            $group["level"] = 999;
        }

        $this->query = "";
        $this->query = "UPDATE ". DBUM_GROUPS_TABLE ." SET
                        group_name = '". $group["group_name"] ."',
                        group_desc = '". $group["group_desc"] ."',
                        activated = '". $group["activated"] ."',
                        level = '". $group["level"] ."'
                        WHERE
                        LOWER(group_name) = '". strtolower($group["group_name"]) ."' LIMIT 1";

        $this->result = $this->db->query( $this->query );
        if( DB::isError( $this->result ) )
        {
            return $this->message_return( DBUM_SQL_ERROR , "" , "" , __LINE__ , __FILE__ );
        }
        $this->query = '';
        if( $this->db->affectedRows( $this->result ) != 1 )
        {
            return $this->message_return( DBUM_GROUP_EDIT_FAILED , "Edit Group" , "Something goes wrong, while edit group" , __LINE__ , __FILE__ );
        }

        // Return if all right
        return TRUE;
    }

    /***************************************************************************
     * - check is given group_name valid
     * - delete all groupdata
     **************************************************************************/
    function delete_group( $group_name )
    {
        if( !$this->_valid_data( array( "group_name" => $group_name ) ) )
        {
            return FALSE;
        }
        $this->query = '';
        $this->query = 'DELETE FROM '. DBUM_GROUPS_TABLE .' WHERE LOWER(group_name) = \''. strtolower($group_name) .'\' LIMIT 1';
        $this->result = $this->db->query( $this->query );
        if( DB::isError( $this->result ) )
        {
            return $this->message_return( DBUM_SQL_ERROR , "" , "" , __LINE__ , __FILE__ );
        }
        $this->query = '';
        if( $this->db->affectedRows( $this->result ) != 1 )
        {
            return $this->message_return( DBUM_GROUP_DELETE_FAILED , "DB Handling" , "Something goes wrong, while delete group" , __LINE__ , __FILE__ );
        }
        return TRUE;
    }
    // Will load the session is given by sess_id , else it will start a new one and put this data to sessions table !!!
    //
    function load_session( $sess_id = NULL , $sess_name = "DBUM_SID" , $sess_cache_limiter = "private_no_expire" , $sess_cache_expire = "0" , $cookie_params = array() )
    {
        if( !is_null($sess_id) )
        {
            session_id($sess_id);
        }

        // Set session name
        session_name( $sess_name );

        // "private" , "public" , "nocache" , "private_no_expire"
        // http://de2.php.net/manual/en/function.session-cache-limiter.php
        session_cache_limiter( $sess_cache_limiter );

        // Browser Cache Time
        // 0 = Browser restarted
        session_cache_expire( $sess_cache_expire );

        // Cookie Parameters
        // http://de2.php.net/manual/en/function.session-set-cookie-params.php
        ( !isset( $cookie_params["ttl"] ) ) ? $ttl = 0 : $ttl = $cookie_params["ttl"];

        ( !isset( $cookie_params["path"] ) || $cookie_params["path"] == "" ) ? $path = "/" : $path = $cookie_params["path"];

        ( !isset( $cookie_params["domain"] ) || empty($cookie_params["domain"]) ) ? $domain = $_SERVER["HTTP_HOST"]. dirname($_SERVER['PHP_SELF']) : $domain = $cookie_params["domain"];

        ( !isset( $cookie_params["secure"] ) ) ? $secure = FALSE : $secure = $cookie_params["secure"];


        session_set_cookie_params( $ttl , $path , $domain , $secure );

        // start session

        if( !session_start() )
        {
            return $this->message_return( DBUM_SESSION_START_FAILED , "Session" , "Cannot start session" );
        }

        header("Cache-control: ".$sess_cache_limiter); //IE 6 Fix

        ////////////////////////////////////////////////////////////////////////
        // Updating Session Table

        if( $sess_id != session_id() )
        {
            $this->query= "";
            $this->query = "INSERT INTO ". DBUM_SESSION_TABLE ." VALUES (
                            '' ,
                            '". session_id() ."',
                            '". $this->_datetime() ."' ,
                            '' ,
                            '' ,
                            '". $this->_timestamp() ."' ,
                            '". $this->_get_clientip() ."' ,
                            '". $this->_get_browser() ."' ,
                            '". $this->_get_referer() ."'
                            )";

            $this->result = $this->db->query( $this->query );

            if( DB::isError( $this->result ) )
            {
                return $this->message_return( DBUM_SQL_ERROR , "" , "" , __LINE__ , __FILE__ );
            }
            $this->query = '';
            if( $this->db->affectedRows( $this->result ) != 1 )
            {
                return $this->message_return( DBUM_INSERT_SESSION_FAILED , "DB_Handling" , "Something goes wrong, while insert session data" , __LINE__ , __FILE__ );
            }
            // $this->result->free();

        }
        ////////////////////////////////////////////////////////////////////////

        return TRUE;
    }
    /***************************************************************************
     * - unset all session vars
     * - destroy session and go secure is session file delete
     **************************************************************************/
    function destroy_session()
    {
        $session_id = session_id();
        // Unset all Session Vars
        session_unset();
        // Destroy Session
        session_destroy();

        // Get session file and delete it !!!
        if (strtolower('files' == session_module_name()))
        {
            $os = substr(PHP_OS, 0, 3);
            if( $os == 'WIN' )
            {
                $tz = "//";
                $path = str_replace( chr(92) , $tz , session_save_path() );
            }
            else
            {
                $tz = "/";
                $path = session_save_path();
            }

            @unlink($path . $tz .'sess_'. $session_id );
        }
        return TRUE;
    }

    /***************************************************************************
     * $options = array( "groups_table" => array( "name" => "100",
     *                                            "desc" => "255",
     *                                            "level" => "3" ),
     *                   "users_table" => array( "username" => "45",
     *                                           "password" => "35", ) ,
     *                   "groups" => array( array( "group_name" => "admin",
     *                                             "group_desc" => "Administrators Group",
     *                                             "level" => "100",
     *                                             "activated" => "1" ),
     *                                      array( "group_name" => "user",
     *                                             "group_desc" => "Users Group",
     *                                             "level" => "500",
     *                                             "activated" => "1" ),
     *                                      array( "group_name" => "public",
     *                                             "group_desc" => "Public Group",
     *                                             "level" => "900",
     *                                             "activated" => "1" ) ),
     *                   "users" => array( array( "username" => "admin"
     *                   )
     *
     **************************************************************************/
    function install_tables( $options = array() )
    {
        while( $k = key( $options ) )
        {
            // check is a numeric array()
            if( is_array( $options[$k] ) )
            {
                if( !$this->_is_numeric_array( $options[$k] ) )
                {
                    return $this->message_return( DBUM_INSTALL_ERROR , "Parameters" , "Options->". $k ." is not a numeric array.") ;
                }
            }
            else
            {
                return $this->message_return( DBUM_INSTALL_ERROR , "Parameters" , "Options->". $k ." is not an array.");
            }
            /*
            // Check are given data valid
            for( $i=0; $i < count($options[$k]); $i++ )
            {
                if( !$this->_valid_data( $options[$k][$i] ) )
                {
                    return FALSE;
                }
            }
            */
        }

        $this->query = '';
        $this->query = 'CREATE TABLE '. DBUM_SESSION_TABLE .' (
                       id bigint(20) unsigned NOT NULL auto_increment,
                       session_id varchar(32) NOT NULL default \'\',
                       session_start datetime NOT NULL default \'NOW()\',
                       session_stop datetime default NULL,
                       user_id int(10) unsigned NOT NULL default \'0\',
                       last_action int(10) UNSIGNED NOT NULL default \'0\',
                       remoteip varchar(15) NOT NULL default \'\',
                       browser varchar(255) default NULL,
                       referer varchar(255) default NULL,
                       PRIMARY KEY ( id ),
                       UNIQUE KEY session_id ( session_id )
                       ) TYPE=MyISAM COMMENT=\'DBUM Session Data\' AUTO_INCREMENT=1
                       ';
        $this->result = $this->db->query( $this->query );
        if( DB::isError( $this->result ) )
        {
            return $this->message_return( DBUM_SQL_ERROR , "" , "" , __LINE__ , __FILE__ );
        }
        $this->query= '';

        $this->query = 'CREATE TABLE '. DBUM_GROUPS_TABLE .' (
                        group_id int(10) unsigned NOT NULL auto_increment,
                        group_name varchar(100) NOT NULL default \'\',
                        group_desc varchar(255) default NULL,
                        activated tinyint(1) unsigned NOT NULL default \'1\',
                        level smallint(3) unsigned NOT NULL default \'999\',
                        PRIMARY KEY ( group_id ),
                        UNIQUE KEY group_name ( group_name )
                        ) TYPE=MyISAM COMMENT=\'DBUM Groups Table\' AUTO_INCREMENT=1
                        ';
        $this->result = $this->db->query( $this->query );
        if( DB::isError( $this->result ) )
        {
            return $this->message_return( DBUM_SQL_ERROR , "" , "" , __LINE__ , __FILE__ );
        }
        $this->query = '';

        for( $i = 0; $i < count($options["groups"]); $i++ )
        {
            if( !$this->create_group( $options["groups"][$i] ) )
            {
                return FALSE;
            }
        }

        $this->query = 'CREATE TABLE '. DBUM_USERS_TABLE .' (
                        user_id int(10) unsigned NOT NULL auto_increment,
                        group_id int(10) unsigned NOT NULL default \'0\',
                        session_id varchar(32) NOT NULL ,
                        failed_logins smallint(2) unsigned NOT NULL default \'0\',
                        locked tinyint(1) unsigned NOT NULL default \'0\',
                        activated tinyint(1) unsigned NOT NULL default \'0\',
                        created datetime NOT NULL default \'0000-00-00 00:00:00\',
                        username varchar(50) NOT NULL ,
                        password varchar(40) NOT NULL ,
                        first_name varchar(100) default NULL,
                        last_name varchar(100) default NULL,
                        street varchar(255) default NULL,
                        postcode varchar(20) default NULL,
                        hometown varchar(150) default NULL,
                        email varchar(150) NOT NULL,
                        website varchar(255) NULL,
                        telephone varchar(50) default NULL,
                        fax varchar(50) default NULL,
                        mobil varchar(50) default NULL,
                        signature text default NULL,
                        icq bigint(20) default NULL,
                        msn varchar(255) default NULL,
                        aim varchar(255) default NULL,
                        PRIMARY KEY  (user_id),
                        UNIQUE KEY session_id (session_id),
                        UNIQUE KEY username (username),
                        UNIQUE KEY email (email)
                        ) TYPE=MyISAM COMMENT=\'DBUM Users Data Table\' AUTO_INCREMENT=1
                        ';
        $this->result = $this->db->query( $this->query );
        if( DB::isError( $this->result ) )
        {
            return $this->message_return( DBUM_SQL_ERROR , "" , "" , __LINE__ , __FILE__ );
        }
        $this->query = '';
        unset( $this->result );

        for( $i = 0; $i< count( $options["users"] ); $i++ )
        {
            if( !$this->create_user( $options["users"][$i] ) )
            {
                return FALSE;
            }
        }

        return TRUE;
    }

    function message_return( $msg_code , $msg_title = "" , $msg_text = "" , $line = "" , $file = "" )
    {
        if( $msg_code == DBUM_SQL_ERROR )
        {
            $this->err_code = $msg_code;
            if( !$this->debug )
            {
                $this->err_title = "SQL_Error";
                $this->err_msg = $this->result->getMessage();
            }
            else
            {
                $this->err_title = $this->result->getMessage();
                $this->err_msg = $this->result->getUserInfo();
                $this->err_line = $line;
                $this->err_file = $file;
            }
        }

        if( $msg_code == DBUM_INSERT_SESSION_FAILED || $msg_code == DBUM_CREATE_USER_FAILED || $msg_code == DBUM_UPDATE_SESSION_FAILED || $msg_code == DBUM_UNLOCK_USER_FAILED || $msg_code == DBUM_ACTIVATED_USER_FAILED || $msg_code == DBUM_CHANGE_EMAIL_FAILED || $msg_code == DBUM_GROUP_DELETE_FAILED || $msg_code == DBUM_GROUP_ACTIVATE_FAILED || $msg_code == DBUM_GROUP_DEACTIVATE_FAILED || $msg_code == DBUM_GROUP_EDIT_FAILED || $msg_code == DBUM_ACTION_FAILED )
        {
            $this->err_code = $msg_code;
            $this->err_title = $msg_title;
            $this->err_msg = $msg_text;
            $this->err_line = $line;
            $this->err_file = $file;
        }

        if( $msg_code == DBUM_INPUT_ERROR )
        {
            $this->err_code = $msg_code;
            if( $msg_title == "" )
            {
                $this->err_title = "Input Error";
            }
            else
            {
                $this->err_title = $msg_title;
            }
            $this->err_msg = $msg_text;
        }

        if( $msg_code == DBUM_LOGIN_FAILED || $msg_code == DBUM_USER_NOT_ACTIVATED || $msg_code == DBUM_USER_EXISTS || $msg_code == DBUM_SESSION_START_FAILED || $msg_code == DBUM_USER_LOCKED || $msg_code == DBUM_GROUP_NOT_EXISTS || $msg_code == DBUM_GROUP_NOT_ACTIVATED || $msg_code == DBUM_NOT_LOGGED || $msg_code == DBUM_LOGIN_TIMEOUT_REACHED || $msg_code == DBUM_USER_NOT_EXISTS || $msg_code == DBUM_CHANGE_PASSWORD_FAILED || $msg_code == DBUM_ACCESS_DENIED || $msg_code == DBUM_GROUP_EXISTS || $msg_code == DBUM_EDIT_USER_FAILED || $msg_code == DBUM_FORGOT_PASSWORD_FAILED)
        {
            $this->err_code = $msg_code;
            $this->err_title = $msg_title;
            $this->err_msg = $msg_text;
            if( $this->debug )
            {
                $this->err_line = $line;
                $this->err_file = $file;
            }
        }

        if( $msg_code == DBUM_HACKER_ATTEMPT )
        {
            $this->err_code = $msg_code;
            $this->err_title = "Hacker attempt";
            $this->err_msg = "You try to hack this site, an email with your data was send to admin";
        }
        if( isset($this->result) )
        {
            // $this->result->free();
        }
        return FALSE;
    }

    function _valid_data( $user )
    {
        while(list($key , $value ) = each( $user ))
        {
            if( !is_array($value) ) $value = strip_tags( $value );
            // Check is Username String valid
            if( preg_match("/username/i" , $key ) )
            {
                if( strlen( $value ) > DBUM_MAX_USERNAME_LEN )
                {
                    return $this->message_return( DBUM_HACKER_ATTEMPT );
                }

                if( !preg_match("/^[A-Za-z0-9_-]+$/" , $value ) )
                {
                    return $this->message_return( DBUM_INPUT_ERROR , "Username" , "Invalid chars in your username" );
                }
            }
            // Check is Password String valid
            if( preg_match("/password/i" , $key ) )
            {
                if( is_array($value) )
                {
                    foreach( $value as $v )
                    {
                        if( strlen( $v ) > DBUM_MAX_PASSWORD_LEN )
                        {
                            return $this->message_return( DBUM_HACKER_ATTEMPT );
                        }
                    }
                }
                else
                {
                    if( strlen( $value ) > DBUM_MAX_PASSWORD_LEN )
                    {
                        return $this->message_return( DBUM_HACKER_ATTEMPT );
                    }
                }
            }
            // Check is first_name String valid
            if( preg_match("/first_name/i" , $key) )
            {
                if( !empty( $value ) )
                {
                if( strlen( $value ) > DBUM_FIRST_NAME_MAX_LEN )
                {
                    return $this->message_return( DBUM_HACKER_ATTEMPT );
                }
                if( !preg_match("/^[A-Za-z0-9_-]+$/" , $value ) )
                {
                    return $this->message_return( DBUM_INPUT_ERROR , "First_Name" , "Invalid chars in your first_name" );
                }
                }
            }
            // Check is last_name String valid
            if( preg_match("/last_name/i" , $key) )
            {
                if( strlen( $value ) > DBUM_LAST_NAME_MAX_LEN )
                {
                    return $this->message_return( DBUM_HACKER_ATTEMPT );
                }
                if( !empty($value) && !preg_match("/^[A-Za-z0-9_-]+$/" , $value ) )
                {
                    return $this->message_return( DBUM_INPUT_ERROR , "Last_Name" , "Invalid chars in your last_name" );
                }
            }
            // Check is street String valid
            if( preg_match("/street/i" , $key) )
            {
                if( !empty($value) )
                {
                if( strlen( $value ) > DBUM_STREET_MAX_LEN )
                {
                    return $this->message_return( DBUM_HACKER_ATTEMPT );
                }
                if( !preg_match("/^[A-Za-z0-9.-]+$/" , $value ) )
                {
                    return $this->message_return( DBUM_INPUT_ERROR , "Street" , "Invalid chars in your street string" );
                }
                }
            }
            // Check is hometown String valid
            if( preg_match("/hometown/i" , $key) )
            {
                if( !empty($value) )
                {
                if( strlen( $value ) > DBUM_HOMETOWN_MAX_LEN )
                {
                    return $this->message_return( DBUM_HACKER_ATTEMPT );
                }
                if( !preg_match("/^[A-Za-z0-9-_]+$/" , $value ) )
                {
                    return $this->message_return( DBUM_INPUT_ERROR , "HomeTown" , "Invalid chars in your hometown" );
                }
                }
            }
            // Check is postcode String valid
            if( preg_match("/postcode/i" , $key) )
            {
                if( !empty($value) )
                {
                if( strlen( $value ) > DBUM_POSTCODE_MAX_LEN )
                {
                    return $this->message_return( DBUM_HACKER_ATTEMPT );
                }
                if( !preg_match("/^[0-9]+$/" , $value ) )
                {
                    return $this->message_return( DBUM_INPUT_ERROR , "Postcode" , "Invalid chars in your postcode" );
                }
                }
            }

            // Check is E-Mail String valid
            if( preg_match("/email/i" , $key) )
            {
                if( strlen( $value ) > DBUM_EMAIL_MAX_LEN )
                {
                    return $this->message_return( DBUM_HACKER_ATTEMPT );
                }

                if( !preg_match("/[a-z0-9_-]+(\.[a-z0-9_-]+)*@([0-9a-z][0-9a-z-]*[0-9a-z]\.)+([a-z]{2,4}|museum)/i" , $value ) )
                {
                    return $this->message_return( DBUM_INPUT_ERROR , "E-Mail" , "Invalid email address" );
                }

            }

            // Check is telephone valid
            if( preg_match("/telephone/i" , $key) )
            {
                if( strlen( $value ) > DBUM_TELEPHONE_MAX_LEN )
                {
                    return $this->message_return( DBUM_HACKER_ATTEMPT );
                }
            }

            // Check is FAX valid
            if( preg_match("/fax/i" , $key) )
            {
                if( strlen( $value ) > DBUM_FAX_MAX_LEN )
                {
                    return $this->message_return( DBUM_HACKER_ATTEMPT );
                }
            }

            // Check is Mobil valid
            if( preg_match("/mobil/i" , $key) )
            {
                if( strlen( $value ) > DBUM_MOBIL_MAX_LEN )
                {
                    return $this->message_return( DBUM_HACKER_ATTEMPT );
                }
            }

            // Check is ICQ Number valid
            if( preg_match("/icq/i" , $key) )
            {
                if( !empty($value) )
                {
                if( strlen( $value ) > DBUM_ICQ_MAX_LEN )
                {
                    return $this->message_return( DBUM_HACKER_ATTEMPT );
                }
                if( !preg_match("/^[0-9]+$/" , $value ) )
                {
                    return $this->message_return( DBUM_INPUT_ERROR , "ICQ_Number" , "Invalid chars in your icq number" );
                }
                }
            }
            // Check is MSN valid
            if( preg_match("/msn/i" , $key) )
            {

                if( strlen( $value ) > DBUM_MSN_MAX_LEN )
                {
                    return $this->message_return( DBUM_HACKER_ATTEMPT );
                }

            }
            // Check is AIM valid
            if( preg_match("/aim/i" , $key) )
            {
                if( strlen( $value ) > DBUM_AIM_MAX_LEN )
                {
                    return $this->message_return( DBUM_HACKER_ATTEMPT );
                }
            }

            // Check is Website valid
            if( preg_match("/website/i" , $key) )
            {
                if( !empty($value) )
                {
                if( strlen( $value ) > DBUM_WEBSITE_MAX_LEN )
                {
                    return $this->message_return( DBUM_HACKER_ATTEMPT );
                }
                if( !preg_match("/^http:+./i" , $value) )
                {
                    return $this->message_return( DBUM_INPUT_ERROR , "Website" , "Invalid URL given" );
                }
                }
            }


            // Extra checks
            if( preg_match("/unlock_id|session_id/i" , $key) )
            {
                if( strlen( $value ) > 32 )
                {
                    return $this->message_return( DBUM_HACKER_ATTEMPT );
                }
                if( !preg_match("/^[a-z0-9]+$/" , $value) )
                {
                    return $this->message_return( DBUM_INPUT_ERROR , "Id" , "Invalid ". $key ." given" );
                }
            }

            if( preg_match("/group_name/i" , $key ) )
            {
                if( strlen( $value ) > DBUM_GROUP_NAME_MAX_LEN )
                {
                    return $this->message_return( DBUM_HACKER_ATTEMPT );
                }
                if( !preg_match("/^[A-Za-z0-9_-]+$/" , $value) )
                {
                    return $this->message_return( DBUM_INPUT_ERROR , "Group Name" , "Invalid group_name given" );
                }
            }

            if( preg_match("/group_desc/i" , $key ) )
            {
                if( !empty($value) )
                {
                if( strlen( $value ) > DBUM_GROUP_DESC_MAX_LEN )
                {
                    return $this->message_return( DBUM_HACKER_ATTEMPT );
                }
                if( !preg_match("/^[A-Za-z0-9_-]+$/" , $value) )
                {
                    return $this->message_return( DBUM_INPUT_ERROR , "Group Description" , "Invalid group_desc given" );
                }
                }
            }

            if( preg_match("/level/i" , $key ) )
            {
                if( strlen( $value ) > DBUM_GROUP_LEVEL_MAX_LEN )
                {
                    return $this->message_return( DBUM_HACKER_ATTEMPT );
                }
                if( !preg_match("/^[A-Za-z0-9_-]+$/" , $value) )
                {
                    return $this->message_return( DBUM_INPUT_ERROR , "Group Description" , "Invalid group_desc given" );
                }
            }

            if( preg_match("/timeout/i" , $key ) )
            {
                if( strlen( $value ) > DBUM_TIMEOUT_MAX_LEN )
                {
                    return $this->message_return( DBUM_HACKER_ATTEMPT );
                }
                if( !preg_match("/^[0-9]+$/" , $value ) )
                {
                    return $this->message_return( DBUM_INPUT_ERROR , "Timeout" , "Invalid timeout given" );
                }
            }

        }
        return TRUE;
    }

    function _user_not_exists( $username )
    {
        // DB Handling
        $this->query = '';
        $this->query = 'SELECT user_id FROM '. DBUM_USERS_TABLE .' WHERE LOWER(username) = \''. strtolower($username) .'\' LIMIT 1';

        $this->result = $this->db->query( $this->query );
        if( DB::isError( $this->result ) )
        {
            return $this->message_return( DBUM_SQL_ERROR );
        }
        $this->query = '';

        // check is a Dataset founded !
        if( $row = $this->result->fetchRow() )
        {
            $this->result->free();
            return $this->message_return( DBUM_USER_EXISTS , "Username" , "User alreadey exists" , __LINE__ , __FILE__ );
        }
        // Free Result
        $this->result->free();
        // Return
        return TRUE;
    }

    /***************************************************************************
     *
     **************************************************************************/
    function _group_not_exists( $group_name )
    {
        $this->query = '';
        $this->query = 'SELECT group_id FROM '. DBUM_GROUPS_TABLE .' WHERE LOWER(group_name) = \''. strtolower($group_name) .'\' LIMIT 1';

        $this->result = $this->db->query( $this->query );

        if( DB::isError( $this->result ) )
        {
            return $this->message_return( DBUM_SQL_ERROR , "" , "" , __LINE__ , __FILE__ );
        }

        if( $row = $this->result->fetchRow() )
        {
            $this->result->free();
            return $this->message_return( DBUM_GROUP_EXISTS , "GroupName" , "Group does already exists" );
        }
        $this->result->free();
        return TRUE;
    }

    /*
     *
     *
     */
    function _email_not_exists( $email )
    {
        $this->query = '';
        $this->query = 'SELECT username FROM '. DBUM_USERS_TABLE .' WHERE email = \''. $email .'\' LIMIT 1';

        $this->result = $this->db->query( $this->query );

        if( DB::isError( $this->result ) )
        {
            return $this->message_return( DBUM_SQL_ERROR , "" , "" , __LINE__ , __FILE__ );
        }

        if( $row = $this->result->fetchRow() )
        {
            $this->result->free();
            return $this->message_return( DBUM_EMAIL_EXISTS , "Email address" , "Given email address already exists" );
        }
        $this->result->free();
        return TRUE;
    }

    /***************************************************************************
     * _generate_password
     *  - ONLY EXPERIMENTAL - not more -
     **************************************************************************/
    function _generate_password( $string )
    {
        $output = '';
        for($i = 0; $i <= 2; $i++ )
        {
            $output .= substr( $string , substr(time(),-1) );
        }
        return substr( $output, -8 );
    }

    /***************************************************************************
     * return a md5 id
     *
     **************************************************************************/
    function _generate_id( $username )
    {
        return md5($this->_get_microtime().$username);
    }

    function _get_clientip()
    {
        if( getenv("HTTP_X_FORWARDED_FOR") != '' )
        {
            $client_ip = $_SERVER["REMOTE_ADDR"];

            if ( preg_match("/^([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)/", getenv('HTTP_X_FORWARDED_FOR'), $ip_list) )
            {
                $private_ip = array('/^0\./', '/^127\.0\.0\.1/', '/^192\.168\..*/', '/^172\.16\..*/', '/^10.\.*/', '/^224.\.*/', '/^240.\.*/');
                $client_ip = preg_replace($private_ip, $client_ip, $ip_list[1]);
            }
        }
        else
        {
            $client_ip = $_SERVER["REMOTE_ADDR"];

            if ( preg_match("/^([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)/", getenv('HTTP_X_FORWARDED_FOR'), $ip_list) )
            {
                $private_ip = array('/^0\./', '/^127\.0\.0\.1/', '/^192\.168\..*/', '/^172\.16\..*/', '/^10.\.*/', '/^224.\.*/', '/^240.\.*/');
                $client_ip = preg_replace($private_ip, $client_ip, $ip_list[1]);
            }

        }

        return $client_ip;
    }

    // Return if isset HTTP REFERER , else NULL
    function _get_referer()
    {
        if( isset($_SERVER["HTTP_REFERER"]) && $_SERVER["HTTP_REFERER"] != '' )
        {
            return $_SERVER["HTTP_REFERER"];
        }
        else
        {
            return NULL;
        }
    }

    // Return if isset $_SERVER["HTTP_USER_AGENT"] , else NULL
    function _get_browser()
    {
        if( isset($_SERVER["HTTP_USER_AGENT"]) && $_SERVER["HTTP_USER_AGENT"] != '' )
        {
            return $_SERVER["HTTP_USER_AGENT"];
        }
        else
        {
            return NULL;
        }
    }

    // Return TRUE if given array only with numeric keys, else FALSE
    function _is_numeric_array( $a )
    {
        if( !is_array( $a ) ) return FALSE;
        foreach( $a as $k ){ if( !is_numeric( $k ) ) return FALSE; }
        return TRUE;
    }

    // Return Unix Timestamp
    function _timestamp()
    {
        return date('U');
    }
    // Get Mircotime
    function _get_microtime()
    {
        list( $usec , $sec ) = explode(" ", microtime());
        return ((float)$usec + (float)$sec);
    }
    // Return Formatted datetime
    function _datetime()
    {
        return date('Y-m-d H:i:s');
    }
}

?>